Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/In8AAI021j7e9C3OzCifempGXGU.roa
File: In8AAI021j7e9C3OzCifempGXGU.roa (raw, json)
Hash identifier: n95Mzfes1U6Uouwe7mzr3nrr5q2nA4UKQWYDEOqCgKc=
Subject key identifier: 22:7F:00:00:8D:36:D6:3E:DE:F4:2D:CE:CC:28:9F:7A:6A:46:5C:65
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CC42563A888991AAB3B8257995B0C1FCD
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/In8AAI021j7e9C3OzCifempGXGU.roa
Signing time: Mon 01 Jan 2024 08:30:33 +0000
ROA not before: Mon 01 Jan 2024 08:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205091
IP address blocks: 163.5.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:63:a8:88:99:1a:ab:3b:82:57:99:5b:0c:1f:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 08:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=227f00008d36d63edef42dcecc289f7a6a465c65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:49:ac:5e:fd:4a:d3:e1:2c:8d:e3:17:f9:78:
b6:25:fd:93:45:a0:ed:b6:05:5b:63:1a:34:8c:42:
54:4c:bb:1b:1a:0c:38:af:ec:fa:80:31:19:75:f4:
e5:48:18:64:10:a8:87:f6:c9:18:ce:05:00:eb:e1:
a2:89:eb:59:df:c7:7f:3c:95:dc:9b:1d:a5:07:6d:
09:33:55:47:aa:28:37:62:ed:ac:d8:0d:16:91:c4:
4c:ad:58:1c:25:24:a2:00:fa:3e:66:d8:94:03:75:
90:71:3d:a3:a3:07:12:88:dc:99:1a:a8:87:dd:2a:
9a:51:ac:01:bb:37:83:a3:88:a1:dd:3b:66:f7:af:
fb:99:3a:39:97:b3:ba:45:ef:77:8f:8d:3c:72:48:
ce:95:a4:fd:57:cc:57:25:94:10:e5:74:a3:95:8b:
f8:50:3e:bf:71:e2:84:8c:0d:32:1c:e2:3d:26:94:
b3:67:b7:a4:0f:74:51:ad:b1:f8:66:dd:78:f2:59:
3d:04:58:72:21:d7:2c:35:b8:09:bf:6d:37:91:b5:
c5:e9:ce:d4:e9:d8:08:83:6a:79:76:6c:02:5e:e8:
cb:ee:ce:2c:d4:50:df:4d:fa:33:77:23:1d:2f:23:
ed:33:ed:8a:d8:41:e3:d4:f8:08:4b:e5:5d:85:0e:
9f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:7F:00:00:8D:36:D6:3E:DE:F4:2D:CE:CC:28:9F:7A:6A:46:5C:65
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/In8AAI021j7e9C3OzCifempGXGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.172.0/24
Signature Algorithm: sha256WithRSAEncryption
95:80:67:2d:0e:77:cb:af:be:64:db:86:32:68:7b:6b:0a:d0:
f2:22:97:b4:d5:40:07:0d:8d:41:85:e6:5e:1a:97:bd:4f:89:
f2:5e:77:30:08:cd:f6:31:8a:59:11:72:cd:4a:08:6a:2d:c8:
7d:81:ec:4c:94:cd:d6:20:a8:04:08:43:2e:36:6b:b4:51:20:
96:07:23:18:cc:ab:99:e9:7a:3c:54:4e:54:2c:a1:1b:54:11:
f3:86:59:dc:20:9b:72:3f:6b:14:22:c5:2b:7c:33:39:fc:ce:
0e:d0:f3:72:77:d4:39:9e:0a:a6:ae:05:2a:97:93:54:6d:95:
e9:e7:08:ab:db:b8:99:ec:c7:0c:d7:3e:a1:03:10:88:b9:82:
f0:58:e5:7b:0d:c9:00:50:8f:6b:d5:f0:93:4b:c7:56:01:54:
fd:6e:e6:e9:33:eb:85:c6:da:80:3a:5f:19:f2:08:1b:62:89:
63:64:62:2f:59:42:13:b6:07:16:93:68:fb:c2:9e:6c:7c:06:
50:88:0b:b7:ad:e3:e4:bf:f2:46:85:d4:5e:4c:ab:31:78:f4:
1f:79:75:df:d6:34:29:67:23:60:da:83:a7:2a:c6:76:46:ef:
ba:cc:02:b8:79:fc:dc:fb:1a:02:8d:95:20:b8:bc:c7:91:dd:
ee:a1:84:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJWOoiJkaqzuCV5lbDB/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjdmMDAwMDhkMzZkNjNlZGVmNDJkY2VjYzI4OWY3YTZhNDY1YzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkmsXv1K0+EsjeMX+Xi2Jf2TRaDt
tgVbYxo0jEJUTLsbGgw4r+z6gDEZdfTlSBhkEKiH9skYzgUA6+GiietZ38d/PJXc
mx2lB20JM1VHqig3Yu2s2A0WkcRMrVgcJSSiAPo+ZtiUA3WQcT2jowcSiNyZGqiH
3SqaUawBuzeDo4ih3Ttm96/7mTo5l7O6Re93j408ckjOlaT9V8xXJZQQ5XSjlYv4
UD6/ceKEjA0yHOI9JpSzZ7ekD3RRrbH4Zt148lk9BFhyIdcsNbgJv203kbXF6c7U
6dgIg2p5dmwCXujL7s4s1FDfTfozdyMdLyPtM+2K2EHj1PgIS+VdhQ6fyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCJ/AACNNtY+3vQtzswon3pqRlxlMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSW44QUFJMDIxajdlOUMzT3pDaWZlbXBHWEdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWsMA0G
CSqGSIb3DQEBCwUAA4IBAQCVgGctDnfLr75k24YyaHtrCtDyIpe01UAHDY1BheZe
Gpe9T4nyXncwCM32MYpZEXLNSghqLch9gexMlM3WIKgECEMuNmu0USCWByMYzKuZ
6Xo8VE5ULKEbVBHzhlncIJtyP2sUIsUrfDM5/M4O0PNyd9Q5ngqmrgUql5NUbZXp
5wir27iZ7McM1z6hAxCIuYLwWOV7DckAUI9r1fCTS8dWAVT9bubpM+uFxtqAOl8Z
8ggbYoljZGIvWUITtgcWk2j7wp5sfAZQiAu3rePkv/JGhdReTKsxePQfeXXf1jQp
ZyNg2oOnKsZ2Ru+6zAK4efzc+xoCjZUguLzHkd3uoYSS
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:44:25 2024 by rpki-client on console-ams.rpki-client.org